Proximity validation system and method

ABSTRACT

A gate keeping system for a user accessible resource is provided. The system has a server, a transceiver and an RFID tag. The server is communicably connected to the resource for sending commands allowing and terminating user access to the resource. The receiver is communicably connected to the server and capable of sending an RF interrogation signal. The RFID tag is capable of sending an RF signal in response to the receiving the interrogation signal. The RFID tag has a program that embodies user unique credentials capable of providing user access to the resource. The user unique credentials represent a user associated with the tag.

This is a continuation of application Ser. No. 11/047,534 filed 31 Jan.2005, now U.S. Pat. No. 7,108,177 the content of which is incorporatedherein by reference.

BACKGROUND

1. Field of the Invention

The present invention relates to a secure system for automaticallyinterfacing a user with a resource.

2. Brief Description of Related Developments

In the security conscious environment, present today and probably forthe foreseeable future, in which security concerns permeate throughalmost every aspect of daily living, there is a great desire to secureaccess to resource systems whether they be material such as, privatehomes, commercial and public facilities, transportation and shippingsystems, or electronic such as computers/processing devices or computercontrolled systems and networks. A common thread in effecting secureaccess to the diverse. resource systems is providing a secure way ofestablishing user identity. However, conventional systems for securelyestablishing user identity are slow complex and inefficient. Forexample, in the case of securing access to computer controlled systems.Conventional security methodologies in use today have a user of thecomputer controlled systems enter an identification and password intothe system in order to have access to that system's capabilities.Throughout all industry the precursor for access to computers andnetworks is proof of authenticity of the individual requesting access tothe system. Such proof of authenticity with conventional systemsrequires the user to input some means of identification. Conventionallysuch identification is log-on identification followed by a uniquepassword. Other conventional methods for identification include the useof “Smart Cards” to replace the manual entry of the “log on”information, biometric information of passwords, and variouscombinations of identification mechanisms to assure the individualrequesting access to the system is who he says he is.

As noted before, these conventional systems and methodologies forsecuring access, are slow (e.g. manual entry or authenticationinformation), inefficient (e.g. accessing “smart card” which is thensubsequently “swiped” or read by scanning means that by the very natureof the scanning/reading are susceptible to reading errors from dirt andother matter capable of causing reading errors) and costly (e.g.biometric information systems). The present invention overcomes theproblem of conventional systems as will be described in greater detailbelow.

SUMMARY OF THE EXEMPLARY EMBODIMENTS

In accordance with one exemplary embodiment of the present invention agate keeping system for a user accessible resource is provided. Thesystem comprises a server, a transceiver and an RFID tag. The server iscommunicably connected to the resource for sending commands allowing andterminating user access to the resource. The transceiver is communicablyconnected to the server and capable of sending an RF interrogationsignal. The RFID tag is capable of sending an RF signal in response tothe receiving the interrogation signal. The RFID tag has a program thatembodies user unique credentials capable of providing user access to theresource. The user unique credentials represent a user associated withthe tag.

In another exemplary embodiment the RF signal from the RFID tag includesdata related to the user unique credentials. The RF signal from the RFIDtag includes encrypted data. The RF signal from the RFID tag hasauthenticated data.

BRIEF DESCRIPTION OF THE DRAWINGS

The foregoing aspects and other features of the present invention areexplained in the following description, taken in connection with theaccompanying, drawings, wherein:

FIG. 1 is a schematic diagram of a system incorporating features inaccordance with an exemplary embodiment of the present invention;

FIG. 2 illustrates one embodiment of a digital verification process of aRFID tag with a remote reader/transceiver of the system in FIG. 1;

FIG. 3 represents one embodiment of a RFID tag public key validationprocess;

FIG. 4 is a flow chart schematically illustrating a method of operationof the system;

FIG. 5 is a flow chart schematically illustrating another method ofoperation of the system; and

FIG. 6 shows a number of exemplary devices incorporating a RFID tag ofthe system.

DETAILED DESCRIPTION OF THE EXEMPLARY EMBODIMENT(s)

As seen in FIG. 1, the user identification system 10 secures access to aresource system of drive A. In this embodiment, the resource A, which issecured and to which a user seeks access is schematically represented asa computer terminal or work station A10. The work terminal A10 is arepresentative station, and is shown as a single station for examplepurposes only. Station A10 may be a stand alone PC connected to the useridentification system as will be described below, or may be any desirednumber of terminals or devices connected to the system 10. Further,resource A may be communicably connected to other devices/terminalseither by a LAN or other desired network (not shown) so that access toresource A serves as a portal to the other devices communicating withresource A, but not independently secured by system 10. In alternateembodiments, resource A may be any other desired system or device towhich access is secured by system 10, such as private, commercial orpublic facility, conveyances and facilities transportation and shippingsystems, or any other suitable system to which secure access is desired.In still other alternate embodiments the system 10 may secure anydesired number of individual resources which may be of the same or ofdifferent types.

Still referring to FIG. 1,. the user identification system 10 employsRFID technology to effect an automatic and secure way of providing useridentity to terminal A when the, user is in a predetermined proximity tothe terminal. The user identification system 10 generally comprises ahost server 12 and transceiver 14 for communicating with an RFID tag 100in the possession of the user. In the embodiment shown in FIG. 1, arepresentative host. server 12, transceiver 14 and RFID tag 100 areshown for example purposes, and system 10 may comprise any desirednumber of host processors, transceivers and RFID tags. In general, theRFID tag 100 holds user unique data or user credential (i.e. capable ofestablishing the identity of the user tag holder) that are communicatedvia transceiver 14 to the host processor 12 automatically upon arrivalof the user within predetermined distance of terminal or station A. Thehost servers 12 determines the identity and hence access authorizationof the tag holder from the user credentials, and automatically enablesaccess. (i.e. “logs on” the tag holder) into terminal A. Departure ofthe user (and hence the RFID tag) from the proximity of the terminal A,is automatically signaled via transceiver 14 to host server 12 whichautomatically initiates access termination (i.e. “log off”) to terminalA. Hence, system 10 performs user identification and accessinitiation/termination (“log on/log off”) invisibly with respect to thetag holder.

Host server 12 may be any suitable computer station. Shownrepresentatively in FIG. 1 as a single station, host server 12 maycomprise any desired number of process stations. Host server 12 may bepart of terminal A. Transceiver 14 may also be part of terminal A ifdesired. The multiprocess stations of host server 12 may be communicablyconnected by any suitable communication linking means such as a LAN,Internet or wireless communication links. As seen in FIG. 1, the host 2server 12 may include a suitable processor 20 and memory 22 withprogramming for operating system 10. Memory 22 may include memoryregisters capable of storing a database 22 a containing electronic dataembodying the unique user credentials used in establishing the useridentity. The user credentials, which as noted before are unique foreach user, may be of any suitable kind, such as a character string, andmay be arranged in any suitable manner to serve user identification withthe desired level of security. For example, the user credentials may bestructured in a manner somewhat similar to the “log-on” identifiers and“password” form of conventional log on systems. In this case each RFIDTag (to be described in greater detail below) may have a unique tagidentifier (relating the tag among a population of tags as well as to aparticular user) and predetermined user unique identification data. Theunique tag identifier also aids authentication as will be seen below.The predetermined user unique identification data may be any desirableelectronically communicable data assigned uniquely to a user. Thepredetermined tag unique identification data may also be any desirableelectronically communicable data assigned uniquely to the tag. As willbe described further below, the tag identifier and user identifier maybe established at any desired time such as at the time the. RFID tag isassigned to the user. The unique tag identifier and unique useridentifier may serve as the unique user credentials. In alternateembodiments, the user unique credentials may have any other suitable:form. The database 22 a in the memory registers 22 of host server mayhave any suitable architecture arranged to be interfaced with oraccessed by any. desirable access protocol. For example, the database 22a may be arranged generally in accordance with the lightweight directoryaccess protocol ([DAP). Though in alternate embodiments the database maybe structured in accordance with any other suitable arrangement andaccess protocol.

In the embodiment where database 22 a has a general [DAP arrangement,the database may have a hierarchical type data store distribution. Byway of example, each of the resources (similar to resource A) served bythe host server 12 may have a segregated and independently addressedstorage location holding data stores with user identificationinformation for that user credentials storage location resource. Thus,the data stores with for resource A may be located in a having anaddress or identifier associated with resource A. Further organizationaldistribution may be provided (such as at a sub-resource or sub-locationlevel if desired). In this embodiment, user credential data may be heldin a separate data store of a corresponding location. This allows thedatabase 22 a in host server 12 to efficiently store user identificationinformation related to any desired number of different resources(similar to resource A) and facilitate ready access to any desired datastores related to a desired resource.

As may be realized, the address. information assigned to each data storein database, and enabling the interface program in host server 12 toaccess the data stores, reflects the distribution/architecture of thedatabase. As seen in FIG. 1, the host server 12 may have a softwaresuite 24 for interfacing with and accessing/reading information storedin data stores of database 22 a. Software suite 24 may also be capableof writing or storing data into data stores of the database, and ifdesired of designating memory space in memory 22 as data stores fordatabase 22 a. Further, software suite 24 may include suitablecommunication software to interface with and operate transceivers(similar to transceiver 14) for effecting bidirectional communicationswith RFID tags such as tag 100. Further still, software suite 24 iscapable of communicating with the resources it serves, such as resourceA, to enable user access/“log on” (i.e. to provide the resource userwith the roles and privileges associated with log on) to the resources,and to remove access/“log off” the user as will be described furtherbelow.

Still referring to FIG. 1, there is shown an operation area 18 includinga station A10 of resource A, and transceiver 14. Area 18 schematicallyrepresents the geographic region where a RFID tag 100 held by userdesiring access to resource A is capable of communicating withtransceiver 14. The boundaries of area 18 may be established as desired,and the communication range of the transceiver 14 may be setaccordingly. By way of example, the operation area 18 may be establishedto be within the immediate proximity (about 2-3 ft) of the station A10.The location, relative to station A10, and communication range of thetransceiver 14 are thus appropriately defined. Log on and log off of auser onto resource station A10, as will be described in greater detailbelow, occurs respectively when the RFID tag 100 held by the user (andwith the appropriate user credentials thereon) is correspondinglybrought into or removed from the aforementioned proximate boundaries ofthe operation area 18. An operation area of this size may be used forexample in cases where it is expected or desired to provide access tothe resource station A10 one user at a time. The proximity of theboundaries of area 18 to the resource station A10, serve in this exampleto restrict more than one user from being in the operation area. Inalternate embodiments, the size or bounds of the operation area may beestablished as large as desired, and may be capable of encompassing anydesired number of users. In other alternate embodiments, the operationarea 18 may include more than one station (similar to station A10) formore than one resource (similar to resource A), and may also includemore than one transceiver (similar to transceiver 14). For example, theoperation area may be a room (not shown) in a facility (or possibly theentire facility or any portion thereof) holding multiple stations(similar to station A10) of multiple resources. Multiple users may belocated in the operation area, and some users may be entitled to accesssome but not all the resource stations in the operation area. As seen inFIG. 1, host server 12 may be connected to serve any desired number ofother operation areas 18A (only one is shown for example purposes) thatare similar to area 18. As may be realized, resource A may have securedstations (similar to station A10) in the other operation areas 18Aserved by server 12 of system 10. In this embodiment, the resourcestation A10, in area 18, and other resource stations (similar to stationA10) in other areas 18A may be provided with an identifier related tothe area 18, 18A in which the station is situated. Hence, multipleresource stations sharing an operation area may have a commonidentifier. The identifier, which maybe communicated to server 12 uponconnection to a given resource station, may be used to independentlyaddress desired resource stations in desired operation areas 18, 18A.Each of the operation areas 18, 18A may be connected to the server 12via a communication system 16 such as the internet or modems.

As noted before, each operation area 18, 18A of system 10 has atransceiver, similar to transceiver 14. The transceiver generallycomprises suitable circuitry (not shown) and an antenna 14 a capable ofbi-directional communication or coupling, according to a desiredcommunication protocol, with RFID tag 100 when the tag is within theoperation area 18, 18A. As may be realized, the transceiver 14 is alsocapable of converting the response signal from the RFID tag to suitableelectronic format for communication to server 12. As noted before, thecommunication range of the transceiver 14 is established to define thedesired size of the operation area 18, 18A. Transceiver 14 may becapable of coupling with one or more of the RFID tags 100 in theoperation area 18, 18A. To facilitate coupling with multiple RFID tags(similar to tag 100), the transceiver 14, and/or the server 12controlling operation of the transceiver, may include a multiple RFIDanti-collision interrogation system (not shown) suitable example ofwhich is disclosed in U.S. patent application Ser. No. 10/740,983, filedDec. 19, 2003, and incorporated by reference herein in its entirety. Inthis embodiment, the transceiver may be provided with an identifier 14 bthat for example, may be stored in a suitable memory (not shown) of thetransceiver. The transceiver identifier 14 b, similar to the resourcestation identifier disclosed before, relates the transceiver 14 to theoperation area 18 in which the transceiver is operating. The transceiveridentifier 14 b may be stored or otherwise entered at any desired timesuch as at system setup or upon connection of the transceiver to theserver. The transceiver identifier 14 b, may be communicated at anydesired time, such as when communicating the response signal receivedfrom the RFID tag, to the server. Hence, the transceiver identifier 14 bmay be used by the server 12 to associate the particular transceiver 14to the corresponding resource station A10, and the RFID tag(s) 100 (andthus the users) communicating with the given transceiver with thecorresponding resource station A10. This allows the server 12, uponverification of the user credentials from the RFID communicationreceived via transceiver 14, selectively send a command to thecorresponding to resource station A10 to enable user access/log on.Conversely, upon receipt of a suitable signal from the transceiver 14that the RFID tag is no longer present in the operating area 18, theserver 12 may selectively transmit a command to the correspondingresource station A10 to log off/close access to the departed user. Inthis manner, server 12 selectively controls access to desired stationsof a given resource without providing access to resource stations whereaccess is not desired.

FIG. 1 shows an RFID tag 100 used for access to the resource stationsA10 of resource A. Tag 100 shown in FIG. 1 is a representative tag, andany number of tags similar to RFID tag 100, each as noted before withunique user credentials, may be issued or otherwise available for use tolog on/log off stations of resource A. In this embodiment, RFID tag 100may be specifically related to resource A (i.e. tag 100 serves toprovide access specifically to resource A). RFID tag 100 may also bespecifically related to other resources (not shown) having stationslocated in common with resource station A10 in operation area 18, orindependently located. As seen in FIG. 1, tag 100 has suitable RFIDcircuitry 102 to receive RF interrogation communication 200 fromtransceiver 14 and transmit a suitable RF response communication 202 tothe transceiver. In the exemplary embodiment, the RFID circuitry 102 maybe “active” (i.e. capable of actively generating the RF responsecommunication 202, rather than modulating the reflected interrogationsignal). Accordingly, tag 100 may include a battery 110 or othersuitable power supply (e.g. protocol) connected and supplying power tothe RFID circuitry 102. In alternate embodiments the RFID circuitry ofthe tag may be “passive” or “active/passive”. Tag 100 also has suitablememory 104, such as ROM or EPROM memory, with registers 108 for storingfor example the unique tag identification data 108 a, and unique useridentification data 108 b. Memory 104 in this embodiment includessuitable encryption programming 106 to provide secure communication totransceiver 14/server 12. The software suite 24 of the server 12 hassuitable decryption capable of reading the data in the encryptedcommunication from the RFID tag.

The communication between RFID tag 100 and server 12 may be secured bypublic/private key cryptography. By way of example, the tag memory 104may have stored therein a tag private key. Further, to facilitate anauthentication function of the tag 100, memory 104 of the tag 100 inthis embodiment may hold a tag provider or tag vendor private key. Asmay be realized, tags similar to tag 100 are issued or provided to usersof resource A by one or more providers. The tag provider has a privatekey that is registered in the tag memory 104 at any time before orduring issue of the tag to the user. The tag provider also has a publickey that is stored in the memory of 22 of server 12. The tag privatekey, is unique to the tag 100 and hence may form part of the unique tagidentifier of the tag 100. The matching tag public key to the tagprivate key is also stored in the memory 22 of server 12. The tagprivate key may also be registered in tag memory 104 at any time beforeor during issue of the tag to the user. User unique identification data108 b may be registered in the tag memory 104 when the tag providerissues the tag 100 to the user. As noted before, the user uniqueidentification data are also provided by any suitable secure means tothe server 12 and are stored in the suitable data store for theappropriate resource in database 22 a.

The tag 100 may use the tag private key to sign data transmitted in theresponse 202 to the interrogation command 201 from transceiver 14. FIG.2 illustrates one embodiment of a validation process for data signaturesof RFID tag 100. The tag data elements, such as for example tagidentification data 108 a (see also FIG. 1) 502 are applied to a hashfunction 504 to result in a hash value 505. Hash function 504 may bestored in RFID tag memory 104. The hash value 505 and the tag privatekey 508 (from memory 106) are combined to produce the signature function506. Signature function 506 is transmitted to transceiver 14 incommunication response 702 along with tag data elements 502. Duringverification performed by the server 12, the hash value 512, producedfrom the hash function 510 as applied to the tag data elements 502, isinputted to the tag data signature verifier 514, of the server 12together with the received signature and the tag public key 516 fromserver memory. The result 518 determines the validity or invalidity ofthe tag data elements 502 after transmission. Authentication of the tag100 is schematically illustrated in FIG. 3. In this embodiment, the tagdata elements in the tag response transmission 202, and the tag publickey 602 are hashed via a hash function 604 to produce a hash value 605.The hash value 605 and vendor public key 608 are used to produce thesignature function 606 transmitted to the server via transceiver 14. Thevendor private key 616 from the server memory is used together with thereceived signature function key 606 and hash value 612 in the tag publickey signature verifier 614 to determine if the tag data elements areassociated with the proper authority and are determined to be valid orinvalid 618. Authentication of the tag and validation of the RFID tagdata as described above assures that the message incorporated in thecommunication from the tag 100 is as transmitted from the tag 100. Theresponse communication 202 may also contain the user uniqueidentification data encrypted utilizing standard public key encryptiontechniques. The user identification data is related to the server 12,upon receipt by the transceiver 14, and decrypted by the server. Theresponse communication may further contain data identifying the resourceA to which tag 100 is related as noted above. This data may serve or beformatted to provide the directory, and/or subdirectory, address inserver database 22 a holding the data store with the user identificationcredentials for tag 100. After reception of the user credentialstransmitted by tag 100, server 12 performs a comparison of the receiveduser credentials with corresponding stored user credentials from thedatabase. Upon finding a match between received and stored usercredentials, server 12 as noted before sends a writable enable accesscommand to the resource station A10 in the appropriate operation area18, thereby effecting user “log on” the resource station. The server 12may also inform the resource A or resource station of the identity ofthe user being logged on by for example sending the resource station A10a data entry (e.g. password) enabling the resource A to identify theuser/tag holder.

FIG. 4, schematically illustrates a suitable process for effectingautomatic “log on” of a user onto resource station A10. As seen in FIG.1, the “log on” may automatically commence when the user in possessionof RFID tag 100 (as will be described below) enters the operation area18. Transceiver 14 may be capable of sensing when the RFID tag 100becomes present inside the operation area. For example, the RFID tag maysend a suitable locator signal periodically that, upon receipt by thetransceiver, informs the transceiver/server of the presence of the RFIDtag. The periodicity of the locator signal transmission from tag 100 maybe sufficient so that the transceiver 14 receives a locator signal fromthe tag immediately upon entering the operation area 18. In alternateembodiments, the locator signal may be transmitted substantiallycontinuously. As may be realized, locator signal range may beestablished so that the transceiver 14 will not receive tag locatorsignals when the tag 100 is located outside the operation area 18. Inalternate embodiments the transceiver 14 may send the interrogationsignal (similar to interrogation signal 200), continuously or withsufficient periodicity so that the RFID tag may be interrogated within asubstantially imperceptible short duration after entrance into theoperation area. In this case, reception of the response communication(similar to communication 202 in FIG. 1) from the RFID tag would informthe transceiver/server of the presence of the tag in the operation area.Thus, the log-on process commences automatically with the transceiver 14transmitting the interrogation signal as illustrated in block L1 of FIG.4. In response to the transceiver interrogation, in block L2 the RFIDtag 100 sends a signed response communication 202 transmitting theencrypted unique tag identifier and user credentials from the tag memoryas described before. The response communication received by thetransceiver 14, is related to the server 12 for authentication of thepublic key and validation of the tag (see block L3 in FIG. 4). If theserver determines that the signature is not authentic and/or the tag isinvalid, the “log-on” process is stopped and resource access is notallowed, block L4. If in block L3, the server authenticates the publickey and validates the tag, the log on process continues as in block LS,with the server reading the user credentials received from the tag andcomparing the received credentials with the user credentials in theappropriate directory in database 22 a (see also FIG. 1) correspondingto resource A. If the server cannot match the received user credentialswith those in the corresponding data store of database 22 a, in blockL6, the server stops the “log-in” process and access to. the resource Ais denied (block L4). If in block L6, the user credentials transmittedby the RFID tag are verified, then in block L7 the server sends a“log-on” command to the desired resource station A10 (identified forexample by the transceiver identification) thereby logging on the user.As noted before, the server may also communicate to the resource A, theidentity (i.e. data representing the identity) of the user being loggedon.

FIG. 5 schematically illustrates the process by which the user, isautomatically logged off from the resource station A10. In block M1 ofFIG. 5, the user is logged on the resource station A10, for example inthe manner described above and illustrated in FIG. 4. Transceiver 14 maybe capable of sensing when the RFID tag 100 is no longer located in theoperation area 18. For example, as noted before the RFID tag may send aperiodic locator signal received by the transceiver 14 when the tag isin the operation area. Removal of the tag from operation area 18 causesthe transceiver to stop receiving the periodic locator signal, which maybe interpreted by the transceiver 14 to mean that the RFID tag 100 is nolonger located in the operation area. In response the receiver 14 maysend an interrogation signal to confirm presence or lack thereof. Inalternate embodiments, the transceiver may send continuously orperiodically an interrogation signal, similar to signal 200 in FIG. 1,to determine the presence of the RFID tag in the operation area. Failureto receive a response from the RFID tag 100 indicates that the tag is nolonger present in the operation area. In any event, the “log-off”process is commenced automatically, and may be initiated by thetransceiver sending an interrogation signal to confirm the presence orlack thereof of the tag 100 in the operation area, block M2 in FIG. 5.If the transceiver receives a response to the interrogation signal,block M3, then the “log-on” is maintained, block M4. If the transceiverreceives no response from the tag in block M3, then the transceiversends a suitable signal to the server indicating the tag 100 is nolonger in the operation area 18. In block M4, the server, upon receivingsuch signal, may send a command to the appropriate resource station A10to “log-off” the user.

The RFID tag 100 may be incorporated into any desired device orapparatus 300, 310, or 320 (see FIG. 6). By way of example and as shownin FIG. 6, the tag 100 may be included into a wristwatch 300, apparel320, or card/badge 310. The RFID circuitry (similar to circuitry 102)may be applied to the device 300, 310 or 320 by any suitable means. Forexample, the RFID circuitry may be formed integral to the device or maybe provided on a chip 100A that may be mechanically applied to thedevice. As may be realized, the devices 300-320 shown in FIG. 6 ashaving the RFID circuitry and operating as an RFID tag similar to tag100 are merely exemplary, and in alternate embodiments the RFID tag maybe encompassed into any suitable apparatus, device or object.

As described above, system 10 provides automatic log-on and passwordentry into a resource such as a computer system when a user inpossession of the invention's RFID transceiving mechanism is within theproximity of said resource.

The system 10 effects automatically log-out of said user, should saiduser move outside the proximity boundary of the resource. The systemprovides users with an RFID tag 100 specifically key coded to said usersunique credentials. The RFID transmitter is interfaced to the computingsystem 10, such that when an individual's RFID transceiver responds tothe signal transmitted from the computer RFID transmitter, saidindividual's RFID (RFID tag) transceiver responds with a signal patternuniquely describing said individual's unique credentials.

Further, the signal pattern sent from the individual's RFID Tag may bereceived by the system's transceiver, with said pattern beingcommunicatively sent to the server of the system 10 which digitized saidpattern to determine the identity of the user whose RFID tag producedthe received pattern, when compared to information within the system 10.

The communications between the RFID tag and system'stransmitter/receiver. system may be encrypted and/or signed to providesecurity against eavesdroppers or third parties intent on compromisingthe security of the system. In this case, each RFID tag may haveinjected into it or have an application to generate a public/private keypair. Using Public Key Cryptographic and Diffie-Hellman sessionestablishment methodologies, the RFID tag and associated computer systemwill be known and authenticated to each other.

It should be understood that the foregoing description is onlyillustrative of the invention. Various alternatives and modificationscan be devised by those skilled in the art without departing from theinvention. Accordingly, the present invention is intended to embrace allsuch alternatives, modifications and variances which fall within thescope of the appended claims.

1. A method for providing secure access to a workstation, comprising:broadcasting an interrogation signal within a predetermined operationarea; if an RFID tag is within the predetermined operation area,transmitting a response signal from the RFID tag to a transceiver;forwarding the response signal to a remote server; comparing usercredential data of the response signal to user credential data stored ina database accessed by the remote server; if the credential data of theresponse signal matches the stored user credential data, sending alog-on command from the remote server to a workstation located withinthe predetermined operation area to enable access to the workstation;wherein transmitting comprises signing the response signal and whereinsigning comprises: generating a hash value from tag identification datausing a hash function stored on the RFID tag; combining the hash valueand a tag private key to form a signature function; and transmitting thesignature function as part of the response signal.
 2. The method ofclaim 1, wherein forwarding comprises transmitting the response signalover a network.
 3. The method of claim 1, further comprising determiningif a locator signal is received from the REID tag after sending thelog-on command and if not, disabling access to the workstation.
 4. Themethod of claim 3, further comprising broadcasting additionalinterrogation signals within the predetermined operation space, whereinthe RFID tag transmits the locator signal in response if the RFID tag iswithin the predetermined operation space.
 5. The method of claim 4,wherein broadcasting comprises continuously broadcasting the additionalinterrogation signals.
 6. A system for securing access to a workstation,comprising: a transceiver for broadcasting an interrogation signalwithin a predetermined operation area; an RFID tag for transmitting aresponse signal to the transceiver if the RFID tag is within thepredetermined operation area; and a remote server for receiving theresponse signal from the transceiver, the remote server comparing usercredential data of the response signal to user credential data stored ina database, wherein the remote server sends a log-on command to theworkstation located within the predetermined operation area to enableaccess to the workstation if the credential data of the response signalmatches the stored user credential data; wherein the response signal issigned and wherein signing the response signal comprises: generating ahash value from tag identification data using a hash function stored onthe RFID tag; combining the hash value and a tag private key to form asignature function; and transmitting the signature function as part ofthe response signal.
 7. The system of claim 6, wherein the remote serveris connected to the workstation over a network.
 8. The system of claim6, wherein the transceiver broadcasts additional interrogation signalswithin the predetermined operation space after the remote server sendsthe log-on command.
 9. The system of claim 8, wherein the RFID tagtransmits a locator signal in response to the additional interrogationsignals if the RFID tag is within the predetermined operation space. 10.The system of claim 9, wherein the remote server disables access to theworkstation if the locator signal is not received by the transceiver inresponse to any additional interrogation signal.
 11. The system of claim8, wherein the remote server continuously broadcasts the additionalinterrogation signals.